- Amazon has confirmed data has been breached through a third party
- The MOVEit cyberattack left the data of hundreds of thousands exposed
- The third party did not have access to highly sensitive data
The MOVEit Transfer cyberattack that swept the world across the second half of 2023 is apparently continuing to wreak havoc, with Amazon confirming some of its employee details have been leaked via a breach in a third-party provider.
The compromised data includes employee work contact information, for example work email addresses, desk phone numbers, and building locations.
Amazon did not state how many employees had their data stolen, but confirmed the unnamed third-party did not hold sensitive data such as Social Security numbers or financial information.
MOVEit breach effects continue
Speaking to TechCrunch, Amazon spokesperson Adam Montgommery said, “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.”
The original MOVEit attack impacted an estimated 2,600 organizations after the Cl0p ransomware gang used SQL injection to compromise public-facing servers and steal data using LemurLoot from connected organizations.
Amazon’s confirmation of a breach comes shortly after a threat actor published data on BreachForums, a site used by cyber criminals to advertise stolen data for sale. ‘Nam3L3ss’, the original poster of the data said in their forum post that they had data stolen from 25 major organizations including Amazon, U.S. Bank, HP, Delta Airlines, Lenovo and many more (via HudsonRock).
Nam3L3ss also emphasized that “What you have seen so far is less than .001% of the data I have. I have 1,000 releases coming never seen before.”
The data stolen in the original breach remains a threat to affected organizations and could be used in a number of harmful ways, including phishing, social engineering, and fraud.